Menu
AWS Storage Gateway
User Guide (API Version 2013-06-30)

Performing Common Maintenance Tasks on the VM Local Console

For a gateway deployed on-premises, you can perform the following maintenance tasks using the VM host's local console. These tasks are common to WMware and Hyper-V hosts.

Logging in to the Local Console Using Default Credentials

When the VM is ready for you to log in, the login screen is displayed. If this is your first time logging in to the local console, you use the default user name and password to log in. These default login credentials give you access to menus where you can configure gateway network settings and change the password from the local console. Storage Gateway enables you to set your own password from the AWS Storage Gateway console instead of changing the password from the local console. You don't need to know the default password to set a new password. For more information, see Setting the Local Console Password from the Storage Gateway Console.

To log in to the gateway's local console

  • If this is your first time logging in to the local console, log in to the VM with the user name sguser and password sgpassword. Otherwise, use your credentials to log in.

After you log in, you see the Storage Gateway Configuration main menu, as shown in the following screenshot.

Note

We recommend changing the default password. You do this by running the passwd command from the Gateway Console menu (item 5 on the main menu). For information about how to run the command, see Running Storage Gateway Commands on the Local Console. You can also set your own password from the AWS Storage Gateway console. For more information, see Setting the Local Console Password from the Storage Gateway Console.

To See
Configure a SOCKS proxy for your gateway Routing Your On-Premises Gateway Through a Proxy.
Configure your network Configuring Your Gateway Network.
Test network connectivity Testing Your Gateway Connection to the Internet.
Manage VM time Synchronizing Your Gateway VM Time.
Run Storage Gateway console commands Running Storage Gateway Commands on the Local Console.
View system resource check Viewing Your Gateway System Resource Status.

To shut down the gateway, type 0.

To exit the configuration session, type x to exit the menu.

Setting the Local Console Password from the Storage Gateway Console

When you log in to the local console for the first time, you log in to the VM with the default credentials—the user name sguser and the password sgpassword. We recommend that you set a new password. You can set this password from the AWS Storage Gateway console rather than the local console if you want. You don't need to know the default password to set a new password.

To set the local console password on the Storage Gateway console

  1. Open the AWS Storage Gateway console at https://console.aws.amazon.com/storagegateway/home.

  2. On the navigation pane, choose Gateways then choose the gateway for which you want to set a new password.

  3. On the Actions menu, choose Set Local Console Password.

  4. In the Set Local Console Password dialog box, type a new password, confirm the password and then choose Save. Your new password replaces the default password. AWS Storage Gateway does not save the password but rather safely transmits it to the VM.

    Note

    The password can consist of any character on the keyboard and can be 1 to 512 characters long.

Routing Your On-Premises Gateway Through a Proxy

Volume gateways and tape gateways support configuration of a Socket Secure version 5 (SOCKS5) proxy between your on-premises gateway and AWS. File gateways support configuration of an HyperText Transfer Protocol (HTTP) proxy.

Note

The only proxy configurations AWS Storage Gateway supports are SOCKS5 and HTTP.

If your gateway must use a proxy server to communicate to the Internet, then you need to configure the SOCKS or HTTP proxy settings for your gateway. You do this by specifying an IP address and port number for the host running your proxy. After you do so, AWS Storage Gateway routes all HTTP traffic through your proxy server. For information about network requirements for your gateway, see Network and Firewall Requirements.

The following procedure shows you how to configure SOCKS proxy for volume gateway and tape gateway. For instructions on how to configure HTTP proxy for file gateway, see To configure an HTTP proxy for a file gateway.

To configure a SOCKS5 proxy for volume and tape gateways

  1. Log in to your gateway's local console.

  2. On the AWS Storage Gateway Configuration main menu, type 1 to begin configuring the SOCKS proxy.

  3. Choose one of the following options on the AWS Storage Gateway SOCKS Proxy Configuration menu.

    To Do This
    Configure a SOCKS proxy

    Type option 1.

    You will need to supply a host name and port to complete configuration.

    View the current SOCKS proxy configuration

    Type option 2.

    If a SOCKS proxy is not configured, the message SOCKS Proxy not configured is displayed. If a SOCKS proxy is configured, the host name and port of the proxy are displayed.

    Remove a SOCKS proxy configuration

    Type option 3.

    The message SOCKS Proxy Configuration Removed is displayed.

The following procedure shows you how to configure an HTTP proxy for a file gateway. For instructions on how to configure SOCKS proxy for a volume gateway or tape gateway, see To configure a SOCKS5 proxy for volume and tape gateways.

To configure an HTTP proxy for a file gateway

  1. Log in to your gateway's local console.

  2. On the AWS Storage Gateway Configuration main menu, type 1 to begin configuring the HTTP proxy.

  3. Choose one of the following options on the AWS Storage Gateway HTTP Proxy Configuration menu:

    To Do This
    Configure a HTTP proxy

    Type option 1.

    You will need to supply a host name and port to complete configuration.

    View the current HTTP proxy configuration

    Type option 2.

    If a HTTP proxy is not configured, the message HTTP Proxy not configured is displayed. If a HTTP proxy is configured, the host name and port of the proxy are displayed.

    Remove a HTTP proxy configuration

    Type option 3.

    The message HTTP Proxy Configuration Removed is displayed.

  4. Restart your VM to apply your HTTP configuration.

Configuring Your Gateway Network

The default network configuration for the gateway is Dynamic Host Configuration Protocol (DHCP). With DHCP, your gateway is automatically assigned an IP address. In some cases, you might need to manually assign your gateway's IP as a static IP address, as described following.

To configure your gateway to use static IP addresses

  1. Log in to your gateway's local console.

  2. On the AWS Storage Gateway Configuration main menu, type option 2 to begin configuring a static IP address.

  3. Choose one of the following options on the AWS Storage Gateway Network Configuration menu:

    To Do This
    Describe network adapter

    Type option 1.

    A list of adapter names appears, and you are prompted to type an adapter name—for example, eth0. If the adapter you specify is in use, the following information about the adapter is displayed:

    • Media access control (MAC) address

    • IP address

    • Netmask

    • Gateway IP address

    • DHCP enabled status

    You use the same adapter name when you configure a static IP address (option 3) as when you set your gateway's default route adapter (option 5).

    Configure DHCP

    Type option 2.

    You are prompted to configure network interface to use DHCP.

    Configure a static IP address for your gateway

    Type option 3.

    You are prompted to type the following information to configure a static IP:

    • Network adapter name

    • IP address

    • Netmask

    • Default gateway address

    • Primary Domain Name Service (DNS) address

    • Secondary DNS address

    Important

    If your gateway has already been activated, you must shut it down and restart it from the AWS Storage Gateway console for the settings to take effect. For more information, see Shutting Down Your Gateway VM.

    If your gateway uses more than one network interface, you must set all enabled interfaces to use DHCP or static IP addresses.

    For example, suppose your gateway VM uses two interfaces configured as DHCP. If you later set one interface to a static IP, the other interface is disabled. To enable the interface in this case, you must set it to a static IP.

    If both interfaces are initially set to use static IP addresses and you then set the gateway to use DHCP, both interfaces will use DHCP.

    Reset all your gateway's network configuration to DHCP

    Type option 4.

    All network interfaces are set to use DHCP.

    Important

    If your gateway has already been activated, you must shut down and restart your gateway from the AWS Storage Gateway console for the settings to take effect. For more information, see Shutting Down Your Gateway VM.

    Set your gateway's default route adapter

    Type option 5.

    The available adapters for your gateway are shown, and you are prompted to select one of the adapters—for example, eth0.

    View your gateway's DNS configuration

    Type option 6.

    The IP addresses of the primary and secondary DNS name servers are displayed.

    View routing tables

    Type option 7.

    The default route of your gateway is displayed.

Testing Your Gateway Connection to the Internet

You can use your gateway's local console to test your Internet connection. This test can be useful when you are troubleshooting network issues with your gateway.

To test your gateway's connection to the Internet

  1. Log in to your gateway's local console.

  2. On the AWS Storage Gateway Configuration main menu, type option 3 to begin testing network connectivity.

    The console displays the available regions.

  3. Select the region you want to test. Following are the available regions for gateways deployed on-premises.

    Region Name Region String File Gateway Volume Gateway Tape Gateway
    US East (Ohio) us-east-2

    yes

    yes

    yes

    US East (N. Virginia) us-east-1

    yes

    yes

    yes

    US West (N. California) us-west-1

    yes

    yes

    yes

    US West (Oregon) us-west-2

    yes

    yes

    yes

    Canada (Central) ca-central-1

    yes

    yes

    yes

    EU (Ireland) eu-west-1

    yes

    yes

    yes

    EU (Frankfurt) eu-central-1

    yes

    yes

    yes

    EU (London) eu-west-2

    yes

    yes

    yes

    Asia Pacific (Tokyo) ap-northeast-1

    yes

    yes

    yes

    Asia Pacific (Seoul) ap-northeast-2

    yes

    yes

    yes

    Asia Pacific (Singapore) ap-southeast-1

    yes

    yes

    no

    Asia Pacific (Sydney) ap-southeast-2

    yes

    yes

    yes

    Asia Pacific (Mumbai) ap-south-1

    yes

    yes

    yes

    South America (São Paulo) sa-east-1

    yes

    yes

    no

    Each endpoint in the selected region displays either a PASSED or FAILED message, as shown following.

    Message Description
    [ PASSED ] AWS Storage Gateway has Internet connectivity.
    [ FAILED ] AWS Storage Gateway does not have Internet connectivity.

For information about network and firewall requirements, see Network and Firewall Requirements.

Synchronizing Your Gateway VM Time

After your gateway is deployed and running, in some scenarios the gateway VM's time can drift. For example, if there is a prolonged network outage and your hypervisor host and gateway do not get time updates, then the gateway VM's time will be different from the true time. When there is a time drift, a discrepancy occurs between the stated times when operations such as snapshots occur and the actual times that the operations occur.

For a gateway deployed on VMware ESXi, setting the hypervisor host time and synchronizing the VM time to the host is sufficient to avoid time drift. For more information, see Synchronizing VM Time with Host Time.

For a gateway deployed on Microsoft Hyper-V, you should periodically check your VM's time. For more information, see Synchronizing Your Gateway VM Time.

Running Storage Gateway Commands on the Local Console

The AWS Storage Gateway console helps provide a secure environment for configuring and diagnosing issues with your gateway. Using the console commands, you can perform maintenance tasks such as saving routing tables or connecting to AWS Support.

To run a configuration or diagnostic command

  1. Log in to your gateway's local console.

  2. On the AWS Storage Gateway Configuration main menu, type option 5 for Gateway Console.

  3. On the AWS Storage Gateway console, type h, and then press the Return key.

    The console displays the Available Commands menu with the available commands and after the menu a Gateway Console prompt, as shown in the following screenshot.

  4. To learn about a command, type man + command name at the Gateway Console prompt.

Viewing Your Gateway System Resource Status

When your gateway starts, it checks its virtual CPU cores, root volume size, and RAM and determines whether these system resources are sufficient for your gateway to function properly. You can view the results of this check on the gateway's local console.

To view the status of a system resource check

  1. Log in to your gateway's local console.

  2. In the AWS Storage Gateway Configuration main menu, type 6 to view the results of a system resource check.

    The console displays an [OK], [WARNING], or [FAIL] message for each resource as described in the table following.

    Message Description
    [OK] The resource has passed the system resource check.
    [WARNING] The resource does not meet the recommended requirements, but your gateway will continue to function. AWS Storage Gateway displays a message that describes the results of the resource check.
    [FAIL] The resource does not meet the minimum requirements. Your gateway might not function properly. AWS Storage Gateway displays a message that describes the results of the resource check.

    The console also displays the number of errors and warnings next to the resource check menu option.

    The following screenshot shows a [FAIL] message and the accompanying error message.

Configuring Network Adapters for Your Gateway

By default, AWS Storage Gateway is configured to use the E1000 network adapter type, but you can reconfigure your gateway to use the VMXNET3 (10 GbE) network adapter. You can also configure Storage Gateway so it can be accessed by more than one IP address. You do this by configuring your gateway to use more than one network adapter.

Configuring Your Gateway to Use the VMXNET3 Network Adapter

AWS Storage Gateway supports the E1000 network adapter type in both VMware ESXi and Microsoft Hyper-V Hypervisor hosts. However, the VMXNET3 (10 GbE) network adapter type is supported in VMware ESXi hypervisor only. If your gateway is hosted on a VMware ESXi hypervisor, you can reconfigure your gateway to use the VMXNET3 (10 GbE) adapter type. For more information on this adapter, see the VMware website.

Important

To select VMXNET3, your guest operating system type must be Other Linux64.

Following are the steps you take to configure your gateway to use the VMXNET3 adapter:

  1. Remove the default E1000 adapter.

  2. Add the VMXNET3 adapter.

  3. Restart your gateway.

  4. Configure the adapter for the network.

Details on how to perform each step follow.

To remove the default E1000 adapter and configure your gateway to use the VMXNET3 adapter

  1. In VMware, open the context (right-click) menu for your gateway and choose Edit Settings.

  2. In the Virtual Machine Properties window, choose the Hardware tab.

  3. For Hardware, choose Network adapter. Notice that the current adapter is E1000 in the Adapter Type section. You will replace this adapter with the VMXNET3 adapter.

  4. Choose the E1000 network adapter, and then choose Remove. In this example, the E1000 network adapter is Network adapter 1.

    Note

    Although you can run the E1000 and VMXNET3 network adapters in your gateway at the same time, we don't recommend doing so because it can cause network problems.

  5. Choose Add to open the Add Hardware wizard.

  6. Choose Ethernet Adapter, and then choose Next.

  7. In the Network Type wizard, select VMXNET3 for Adapter Type, and then choose Next.

  8. In the Virtual Machine properties wizard, verify in the Adapter Type section that Current Adapter is set to VMXNET3, and then choose OK.

  9. In the VMware VSphere client, shut down your gateway.

  10. In the VMware VSphere client, restart your gateway.

After your gateway restarts, reconfigure the adapter you just added to make sure that network connectivity to the Internet is established.

To configure the adapter for the network

  1. In the VSphere client, choose the Console tab to start the local console. You will use the default login credentials to log in to the gateway's local console for this configuration task. For information about how to log in using the default credentials, see Logging in to the Local Console Using Default Credentials.

  2. At the prompt, type 2 to select Network Configuration, and then press Enter to open the network configuration menu.

  3. At the prompt, type 4 to select Reset to DHCP, and then type y (for yes) at the prompt to reset the adapter you just added to use Dynamic Host Configuration Protocol (DHCP). You can type 5 to set all adapters to DHCP.

  4. At the Enter the adapter prompt, type eth0, and then press Enter to continue. The only adapter available is eth0.

    If your gateway is already activated, you must shut it down and restart it from the AWS Storage Gateway Management Console. After the gateway restarts, you must test network connectivity to the Internet. For information about how to test network connectivity, see Testing Your Gateway Connection to the Internet.

Configuring Your Gateway for Multiple NICs

If you configure your gateway to use multiple network adapters (NICs), it can be accessed by more than one IP address. You might want to do this in the following situations:

  • Maximizing throughput – You might want to maximize throughput to a gateway when network adapters are a bottleneck.

  • Application separation – You might need to separate how your applications write to a gateway's volumes. For example, you might choose to have a critical storage application exclusively use one particular adapter defined for your gateway.

  • Network constraints – Your application environment might require that you keep your iSCSI targets and the initiators that connect to them in an isolated network that is different from the network by which the gateway communicates with AWS.

In a typical multiple-adapter use case, one adapter is configured as the route by which the gateway communicates with AWS (that is, as the default gateway). Except for this one adapter, initiators must be in the same subnet as the adapter that contains the iSCSI targets to which they connect. Otherwise, communication with the intended targets might not be possible. If a target is configured on the same adapter that is used for communication with AWS, then iSCSI traffic for that target and AWS traffic will flow through the same adapter.

When you configure one adapter to connect to the AWS Storage gateway console and then add a second adapter, storage gateway automatically configures the route table to use the second adapter as the preferred route. For instructions on how to configure multiple-adapters, see the following sections.